CMMC 1.0 Practice SI.1.210 Requirement:
Identify, report, and correct information and information system flaws in a timely manner.
CMMC 1.0 SI.1.210 Requirement Explanation:
Information system flaws generally refer to security vulnerabilities in software and operating systems. Hackers can exploit software vulnerabilities to access your systems and data. Install software security updates to remediate vulnerabilities.
Example CMMC 1.0 SI.1.210 Implementation:
Identify your systems that are missing security updates. This includes your workstations, servers, and network devices. Install the missing updates onto the identified systems. Going forward, install security updates when they released. It is always a good idea to test updates before deploying them to all your systems.
CMMC 1.0 SI.1.210 Scenario(s):
- Scenario 1:
A hacker announced that he discovered a vulnerability in Microsoft Windows 10. Several days later Microsoft released a Windows security update to remediate the vulnerability. Alice installs the security updates on her Windows 10 systems. Alice's systems can not be exploited by the new vulnerability.
Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:
Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Supply Chain Verifier
Trust is everything. Verify, monitor, and support subcontactor compliance.